LuKreme
2014-01-03 21:34:22 UTC
On my Apache 2.4.6 (under FreeBSD 8.0-RELEASE) I have two nearly identical directives setup for webdav. The first is in users/example.com.conf and the second is in extras/vhosts.conf:
<virtualhost *:80>
ServerName virtual.example.net
DocumentRoot /www/example.net/
DavLockDB /tmp/DavLock.randy
<location />
DAV On
AuthType digest
AuthName Randy
AuthUserFile /usr/local/www/example.net/.htdigest
Options All
ForceType text/plain
<Limit PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
require user randy
</Limit>
</location>
</VirtualHost>
The second:
<virtualhost *:80>
ServerName webdav.example.com
DocumentRoot /usr/local/www/
DavLockDB /tmp/DavLock.mike
<location />
DAV On
AuthType digest
AuthName ServerRoot
AuthUserFile /usr/local/www/msmith/.digestpass
Options All
ForceType text/plain
<Limit PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
require user ben
</Limit>
</location>
</virtualhost>
Neither one works, but they fail to work in different ways. The first fails to connect (not fails to auth, that behaves differently). the only thing I see in the logs is:
[03/Jan/2014:14:30:32 -0700] "OPTIONS / HTTP/1.1" 200 - "-" "WebDAVFS/3.0.0 (03008000) Darwin/13.0.0 (x86_64)"
The second connects just fine to the top-level of the webserver, but has no permission to access any thing but the top-level view of the server. I can edit files on that top level without an error on my local machine, but those edits do not propagate to the server. I can open folders, but not see the contents of those folders.
This second dav will generate errors:
[Fri Jan 03 14:11:38.922133 2014] [dav:error] [pid 43284] (13)Permission denied: [client 12.34.56.789:63913] An error occurred while opening a resource. [500, #0]
[Fri Jan 03 14:11:42.600576 2014] [dav:error] [pid 43284] (13)Permission denied: [client 12.34.56.789:63916] Unable to create collection. [403, #0]
[Fri Jan 03 14:15:23.169161 2014] [auth_digest:info] [pid 43306] [client 12.34.56.789:63950] AH01778: user ben: nonce expired (316.00 seconds old - max lifetime 300.00) - sending new nonce
[Fri Jan 03 14:15:23.541680 2014] [dav:error] [pid 43306] [client 12.34.56.789:63950] Unable to PUT new contents for /contact.html. [403, #0]
[Fri Jan 03 14:15:23.541690 2014] [dav:error] [pid 43306] (13)Permission denied: [client 12.34.56.789:63950] An error occurred while opening a resource. [500, #0]
The files and folders are owned by the www user.
<virtualhost *:80>
ServerName virtual.example.net
DocumentRoot /www/example.net/
DavLockDB /tmp/DavLock.randy
<location />
DAV On
AuthType digest
AuthName Randy
AuthUserFile /usr/local/www/example.net/.htdigest
Options All
ForceType text/plain
<Limit PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
require user randy
</Limit>
</location>
</VirtualHost>
The second:
<virtualhost *:80>
ServerName webdav.example.com
DocumentRoot /usr/local/www/
DavLockDB /tmp/DavLock.mike
<location />
DAV On
AuthType digest
AuthName ServerRoot
AuthUserFile /usr/local/www/msmith/.digestpass
Options All
ForceType text/plain
<Limit PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
require user ben
</Limit>
</location>
</virtualhost>
Neither one works, but they fail to work in different ways. The first fails to connect (not fails to auth, that behaves differently). the only thing I see in the logs is:
[03/Jan/2014:14:30:32 -0700] "OPTIONS / HTTP/1.1" 200 - "-" "WebDAVFS/3.0.0 (03008000) Darwin/13.0.0 (x86_64)"
The second connects just fine to the top-level of the webserver, but has no permission to access any thing but the top-level view of the server. I can edit files on that top level without an error on my local machine, but those edits do not propagate to the server. I can open folders, but not see the contents of those folders.
This second dav will generate errors:
[Fri Jan 03 14:11:38.922133 2014] [dav:error] [pid 43284] (13)Permission denied: [client 12.34.56.789:63913] An error occurred while opening a resource. [500, #0]
[Fri Jan 03 14:11:42.600576 2014] [dav:error] [pid 43284] (13)Permission denied: [client 12.34.56.789:63916] Unable to create collection. [403, #0]
[Fri Jan 03 14:15:23.169161 2014] [auth_digest:info] [pid 43306] [client 12.34.56.789:63950] AH01778: user ben: nonce expired (316.00 seconds old - max lifetime 300.00) - sending new nonce
[Fri Jan 03 14:15:23.541680 2014] [dav:error] [pid 43306] [client 12.34.56.789:63950] Unable to PUT new contents for /contact.html. [403, #0]
[Fri Jan 03 14:15:23.541690 2014] [dav:error] [pid 43306] (13)Permission denied: [client 12.34.56.789:63950] An error occurred while opening a resource. [500, #0]
The files and folders are owned by the www user.
--
Gehm's Corollary to Clarke's law: Any technology distinguishable from
magic is insufficiently advanced.
Gehm's Corollary to Clarke's law: Any technology distinguishable from
magic is insufficiently advanced.